China has been asked, via the Foreign Ministry and Interpol, to help in the investigation, but has so far not responded. China is known to encourage its growing number of hackers to assist the government in developing a powerful cyberwar capability. The Chinese government also is quite tolerant when these Chinese hackers cause mischief abroad, especially against Taiwan. China is also the source of a lot of Internet criminal activity, although this is not encouraged by the Chinese government. However, the Chinese have not been able to slow down the growth of Internet based criminal activity in China either. Because the attacks against South Korea involved so many government agencies, there is suspicion that this was a cyberwar exercise condoned by the Chinese government. The Chinese have not been eager to admit that cyberwar activities like this were carried out by Chinese cyberwarriors, or Chinese hackers operating under government protection. And the Chinese have not been eager to help hunt down any Internet criminals operating in China either. So South Korea is working to reinforce its defenses against attacks via the Internet, and continuing to bug China about cyberwar activities.
The South Korean National Intelligence Service (NIS) reported in June that dozens of government agencies and corporations had been attacked via the Internet, by someone operating from China. The NIS concluded that the attack required considerable organization and manpower to pull off. The NIS believes the attack has broken into at least 211 computers in ten government agencies (including the National Maritime Police Agency, the National Assembly, the Korea Atomic Energy Research Institute, the Korea Institute for Defense Analysis, the Agency for Defense Development, Air Force Academy, and the Maritime Ministry.) Another 67 computers in corporations were found to be broken into as well. The hacking operations took place over a month. The NIS was hindered in its investigation by the reluctance of many government agencies to cooperate. In addition to information being stolen, some Trojan horse programs were left behind, and other damage may have been done as well.